Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4536
Views
0
Helpful
2
Replies

PIX 535 Firewall Password Recovery Procedure Fails

JoeSearcy
Level 1
Level 1

‎04-01-2010 07:53 AM - edited ‎03-11-2019 10:28 AM

I have a PIX 535 Firewall pair (Version 4.3) where we forgot the password. I am utilizing the Password Recovery Procedure found here: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml#sample. I am utilizing the management port through hyper terminal. I D/L the correct .bin file (nppix.bin) for the BIOS version 4.3. I have a ethernet cable connected from the laptop to the eth0 port on the PIX for the TFTP.

After configuring the interface, address, server, and file name in monitor mode, I am successful in getting the PIX to TFTP the file over. Once the file is transfered, I do not get the password recovery display message asking me to erase the passwords. Once the file transfers, it seems to just hang where the "received xxxxxxx bytes" is displayed.

This is what I see:

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Using 0: i82559 @ PCI(bus:0 dev:13 irq:10), MAC: 
monitor>address *.*.*.*
address *.*.*.*
monitor>server *.*.*.*
server *.*.*.*
monitor>file nppix.bin
file np52.bin
monitor>ping *.*.*.*
Sending 5, 100-byte 0xf8d3 ICMP Echoes to *.*.*.*, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5)
monitor>tftp
tftp nppix.bin@*.*.*.* via *.*.*.*...................................
...............................................................
.......
Received 110592 bytes
------------------------------------------------------------------------------------
That is it. It just hangs here. I do not receive the following message at all.

"Do you wish to erase the passwords? [yn] y
Passwords have been erased."

Anyone have any suggestions on why these devices are not taking the password recovery? Could this be caused 
by maxing out the flash memory and there is not enough space to perform the load? Any guidance could help.  

Thanks.
 

Labels:
0 Helpful
2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

‎04-01-2010 09:47 AM

Hi Joe, this is a tough  one...     I would suggest to try the other unit , if you get similar results , try usin a fresh downloaded .bin file ,  ensure prior  transfering the .bin from tftp to pix  that  that NIC settings duplex/speed in PC/Laptop  are the same as with PIX ..  I would doubt trying with other unit to have same results..  but give that a try.

Regards

Jorge Rodriguez
0 Helpful

sohail003
Level 1
Level 1

‎08-23-2010 06:58 AM

HI,

   It happened with me excatly the same . Accutally we should get this file np62.bin (6.2             release) instead of this nppix.bin (4.3 and             earlier releases).

It solved my problem so we need to get this file np62.bin from this link:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card